Survey: CISOs Increasing Budgets for Crisis Simulations in 2025

Today, Cyber Performance Center, Hack The Box, released new data showcasing the perspectives of Chief Information Security Officers (CISOs) towards cyber preparedness in 2025.

In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, TfL, 23andMe, and Cencora, CISOs are reassessing their organization’s readiness to manage a potential “chaos” of a full-scale cyber crisis.

Many CISOs across the UK and US, are concerned about their organization’s ability to handle a cyber crisis. This is owing to a number of reasons – the rising volume of cyber incidents (31%), lack of incident response planning (20%), and a lack of realistic, stress-tested crisis simulations (19%).

This drives CISOs to reallocate budgets towards crisis preparedness, as they seek to maintain security posture.

Key findings include:

  • 74% of CISOs reported their organizations are increasing annual budgets for crisis simulation exercises in 2025, motivated by last year’s major incidents.
  • 73% identified practical crisis simulations and incident response exercises involving both technical and non-technical teams - as their top business priority for 2025.
  • 77% stated they would allocate greater budgets for cyber crisis simulations if the exercises were more realistic and actionable.
  • The findings highlight a growing recognition among CISOs of the importance of realistic, hands-on crisis simulations to build visibility and ensure their organizations can respond effectively during a crisis. In fact, as much as 16% of 2025 security budgets are being reallocated to simulation exercises following last year’s incidents.

    Haris Pylarinos, CEO and Founder at Hack The Box, commented: “Preparedness is the foundation of resilience, and crisis simulations play a crucial role in testing organizations security and workforce performance when it's most critical. Organizations are right to prioritize crisis simulation and must ensure that these are implemented in the right way. There is a need for these exercises to be increasingly realistic and engaging, to equip both technical and non-technical teams of all levels with the confidence needed to decisively defend against evolving threats.”

    “The next evolution of crisis simulation is coupling AI with expert knowledge to deliver highly realistic and tailored scenarios that challenge senior management and front-line professionals. These will unite previously disparate business units as one and allow real-world performance to be benchmarked in a controlled environment.”

    Lucas Kello, Associate Professor of International Relations at the University of Oxford, said: “With the expansion of artificial intelligence, the escalating cyber arms race is entering a new and more unstable phase. AI can act as both a weapon and a shield; it can enhance threats even as it helps to defeat them. The investment in crisis simulation exercises reflects a growing awareness that future cyber conflicts will transcend current threat models while requiring accelerated responses that outpace human reaction times.” “Cyber preparedness is now a matter of national and economic security. 2025 will be a critical year for setting new standards in how nations and industries both utilize and protect against AI.”

  • Featured

    • Agentic AI Will Revolutionize Cybercrime in 2025 According to New Report

      Malwarebytes, a provider in real-time cyber protection, recently released its 2025 State of Malware report, which reveals insight into the emergence of agentic artificial intelligence (AI), plus the year’s most prominent threats and cybercrime tactics. The report details a significant uptick in the number of known ransomware attacks, the total value of ransoms paid in 2024, and how IT teams can address them. Read Now

    • ESX 2025 Announces Expanded Schedule of Events

      ESX has announced its dynamic 2025 schedule, set to provide an unparalleled experience for professionals in the electronic security and life safety industry. Taking place June 16-19 at the Cobb Galleria Centre, this year’s event features an expanded lineup of educational sessions, hands-on workshops, inspiring main stage speakers, networking opportunities, and an engaging expo floor showcasing the latest technology. Read Now

    • City of New Orleans Launches NOLA Ready Public Safety App Before Super Bowl

      The City of New Orleans Office of Homeland Security and Emergency Preparedness (NOHSEP) is pleased to announce the official launch of the NOLA Ready Public Safety App, powered by Motorola Solutions. This new mobile application is designed to enhance public safety and emergency preparedness for both residents and visitors. All individuals planning to attend major events in New Orleans, including the Super Bowl, Mardi Gras, and other large gatherings, are encouraged to download the app. Read Now

    • 5 Tips to Improve Your Password Security

      Change Your Password Day is right around the corner. Observed every year on February 1, the day aims to raise awareness about cybersecurity and underscores the importance of keeping passwords strong and up to date. Read Now

    New Products

    • Camden CV-7600 High Security Card Readers

      Camden CV-7600 High Security Card Readers

      Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

    • Unified VMS

      AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

    • FEP GameChanger

      FEP GameChanger

      Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.